See also: IRC log
-> http://www.w3.org/XML/XProc/2015/01/07-minutes
Accepted.
4 Feb 2015, any regrets?
No regrets heard
Jim reports completion of A-260-01
-> https://lists.w3.org/Archives/Public/public-xml-processing-model-wg/2015Jan/0007.html
And A-260-02
-> https://lists.w3.org/Archives/Public/public-xml-processing-model-wg/2015Jan/0009.html
And A-260-03
-> https://lists.w3.org/Archives/Public/public-xml-processing-model-wg/2015Jan/0008.html
Jim: The open question is, for
the use cases, I've culled some from previos versions.
... And written my own.
... I've also asked in public about the non-XML flows.
Jim: Should we put these in the requirements document?
Norm: If the WG agrees that they're use cases we want to take on for 2.0, then I think we can add them to the Use Cases and Requirements document.
Jim: We put the use cases in and
we traced them back to the spec; we also traced requirements
back.
... Do we want to do that now? Not sure.
... I'll send them along be email and we can start with those
and see what we want to do.
Norm: Sounds good to me.
... You also sent mail about a p:sign step.
Jim: Yes, I saw that we had discussed that previously.
Alex: I think signatures in
general, XML Signatures being a specific case, would be worth
exploring.
... There's lots of code out there and it's a good thing. It
seems possibly like two different steps.
Some discussion of exec and eval
Jim: I'll take a stab at p:sign for the XML case and the non-XML case.
<Zakim> ht, you wanted to mention use of metadata for this
Henry: It occurs to me that as is
the case with some other aspects of what you can consider
ultimate outcome, some steps may be properly implemented as
actually only adding metadata.
... It's perfectly coherent to say that I have an XML Signature
step that only bites at the edge of the pipeline.
... It doesn't have to be the case that adding an XML Signature
step means that thereafter what's flowing through the pipeline
is encrypted.
... Also, wrt the observation about implementability, I think
we have an opportunity to do a good deed and enlist help in
doing it.
... I think the fact that XML Encryption is not widely used is
a real flaw in the XML ecology and adding easy, straightfoward
support in XProc v.next would be a huge encouragement to people
to use it.
... So I think if we asked the community that does know how it
works to help, they'd help because it's a win-win.
ACTION A-26x-01: Norm to ask Frederick Hirsch for help with the encryption implementation parts.
Henry: And finally, wrt use
cases, I implemented a bunch of support for interactions with
amazon web services with the Markup Pipeline for which the
"B-case" that Alex mentioned was front-and-center.
... Take this 256 bit key as represented in hex and this string
and encrypt it so that I can then send it to Amazon web
services.
Alex: I think that's just signed for Amazon
Henry: Yes, that might be the case.
Alex: Making that kind of API easier to use would be a very good thing.
Henry: I'm pretty sure I used p:exec for the signature, but I'll drag out the architecture to look at.
Alex: I'll take an action to collection some data too.
Norm: I think we're drifting towards "we need to make OAuth easy from pipelines."
ACTION A-26x-02: Alex to consider the requirements for making it easy for pipelines to talk to web APIst that use these styles of encryption.
Jim: About the edges of the pipeline, are you thinking of a pipeline that just adds metadata to the document?
Henry: Yes and no. What I was
thinking of was a pipeline that has a whole bunch of stuff that
constructs a document. At some point it wants to specify that
some portion of the document should be signed.
... It should be able to do that at the point where that part
of the document is in focus. This ought to be able to be used
as a subpipeline for example where the whole document isn't in
view.
... Suppose it took an XPath and a bunch of args, and said at
this point in the pipeline, so the element identified by that
XPath should be encrypted.
... Nothing happens except some metadata gets added to document
so that *when it's output from the pipeline* the encryption
will be performed.
... It amounts to instructions to the output step that go in
the metadata. This is useful for other things, like setting the
encoding for the document.
Alex: So I have a bunch of
questions that come from that: is this how the pipeline is
deployed or effected by the information flowing through
it.
... It could be a binding outside the pipeline or it could be
something the serializer actually does.
Henry: I'm thinking of the latter.
Jim: I don't think we need to go deeper today, I just wanted to understand.
Jim: Where is TPAC? Japan?
Norm: Yes, Japan. I'm hoping to go, but it's unclear.
Alex: I'd like to go, I have a colleague there. I don't know if that's going to be possible.
Jim: If we know we're going, we could start trying to get some interest up in that part of the world.
<ht> I think that would be a great idea
Some discussion of a f2f in Edinburgh in June. Still planning.
Adjourned.